Gabb2b's Stars
deepfence/ThreatMapper
Open Source Cloud Native Application Protection Platform (CNAPP)
KingOfBugbounty/KingOfBugBountyTips
Our main goal is to share tips from some well-known bughunters. Using recon methodology, we are able to find subdomains, apis, and tokens that are already exploitable, so we can report them. We wish to influence Onelinetips and explain the commands, for the better understanding of new hunters..
aquasecurity/cloudsploit
Cloud Security Posture Management (CSPM)
salesforce/cloudsplaining
Cloudsplaining is an AWS IAM Security Assessment tool that identifies violations of least privilege and generates a risk-prioritized report.
BishopFox/cloudfox
Automating situational awareness for cloud penetration tests.
ine-labs/AWSGoat
AWSGoat : A Damn Vulnerable AWS Infrastructure
krol3/container-security-checklist
Checklist for container security - devsecops practices
iknowjason/Awesome-CloudSec-Labs
Awesome free cloud native security learning labs. Includes CTF, self-hosted workshops, guided vulnerability labs, and research labs.
jassics/awesome-aws-security
Curated list of links, references, books videos, tutorials (Free or Paid), Exploit, CTFs, Hacking Practices etc. which are related to AWS Security
OWASP/crAPI
completely ridiculous API (crAPI)
andresriancho/enumerate-iam
Enumerate the permissions associated with AWS credential set
openappsec/openappsec
open-appsec is a machine learning security engine that preemptively and automatically prevents threats against Web Application & APIs. This repo include the main code and logic.
Azure/Azure-Network-Security
Resources for improving Customer Experience with Azure Network Security
ine-labs/AzureGoat
AzureGoat : A Damn Vulnerable Azure Infrastructure
pop3ret/AWSome-Pentesting
My cheatsheet notes to pentest AWS infrastructure
myugan/awesome-docker-security
📚 A curated list of awesome Docker security resources
Funkmyster/awesome-cloud-security
A curated list of awesome cloud security blogs, podcasts, standards, projects, and examples.
OWASP/DVSA
a Damn Vulnerable Serverless Application
hashishrajan/cloud-security-vulnerabilities
List of all the Publicly disclosed vulnerabilities of Public Cloud Provider like Amazon Web Services (AWS), Microsoft Azure, Google Cloud, Oracle Cloud, IBM Cloud etc
kmcquade/awesome-azure-security
A curated list of awesome Microsoft Azure Security tools, guides, blogs, and other resources.
GoogleCloudPlatform/security-analytics
Community Security Analytics provides a set of community-driven audit & threat queries for Google Cloud
padok-team/yatas
:owl::mag_right: A simple tool to audit your AWS/GCP infrastructure for misconfiguration or potential security issues with plugins integration
ermetic-research/cnappgoat
CNAPPgoat is an open source project designed to modularly provision vulnerable-by-design components in cloud environments.
awslabs/aws-security-analytics-bootstrap
AWS Security Analytics Bootstrap enables customers to perform security investigations on AWS service logs by providing an Amazon Athena analysis environment that's quick to deploy, ready to use, and easy to maintain.
akto-api-security/30-API-security-tests
🚀 Join us for 30days of daily API security tests. #30days30tests We've spent last 120days building amazing API security tests for the community. Next 30 days we will post test tutorials here.
aws-samples/aws-iam-permissions-guardrails
AWS IAM Permissions Guardrails https://aws-samples.github.io/aws-iam-permissions-guardrails/
orcasecurity/orca-toolbox
doitintl/secure-gcp-reference
Best practice example for secure and compliant Google Cloud Platform infrastructure
aws-samples/network-access-analyzer-multi-account-analysis
Identify all permitted data paths originating from the Internet to Network Interfaces within AWS Accounts across the entire AWS Organization.
sethsec-bf/my-arsenal-of-aws-security-tools
List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.